General

  • Target

    2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker

  • Size

    72KB

  • Sample

    240228-mkb8vahd72

  • MD5

    281f6dcc6a80c5d35713208b8f87e61e

  • SHA1

    439f0a6a3bffc8ad3e9b470e2699f7b50d42903b

  • SHA256

    7bd5ee7546eb876f32aeb98b69afdf75e01644af9ba17b0fb63ecc3f650a5306

  • SHA512

    8a5d252426f3db1216ea270b85f021da708eb18cfbd546cb1a72e5d8869fc692eba43c35d9d4372ac0cc3a1ec19b062e68adf425aa043cf99b55d558f94035ff

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsale0:1nK6a+qdOOtEvwDpjY

Score
10/10
upx

Targets

    • Target

      2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
